Vulnerability Details CVE-2025-52293
A segmentation violaton in the gf_hevc_read_sps_bs_internal function (media_tools/av_parsers.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying crafted HEVC SPS data.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 12.3%
CVSS Severity
CVSS v3 Score 7.5